Tessera: The Privacy Manager of Choice for Consensys Quorum Networks
Better Together: An Introduction to EEA Privacy
Since last August’s announcement on the acquisition of Quorum by ConsenSys, the Protocols team has been working hard to accelerate the convergence of these two leading enterprise blockchain projects into one unified platform. As part of this, we’ve delivered a roadmap of interoperable features in order to incorporate the best of both stacks.
Privacy is one of the key components of the Enterprise Ethereum standard, and both ConsenSys and JPM have been collaborating on addressing it since 2016. The EEA’s privacy specification is designed to meet hard enterprise requirements: fully private transactions and private smart contracts. In particular, it is designed for restricted private transactions, where relevant data is only ever transmitted to and readable by the parties to the transaction, irrespective of encryption.
This challenge was met by Constellation, and later Orion and Tessera, which manage private transactions on behalf of an Ethereum client. These private transaction managers are separate services which craft, encrypt and distribute private transactions as well as interfacing with secure key store systems.
After months of hard work, we’re excited to announce that we have combined the best of Orion and Tessera into a single codebase. Tessera now works seamlessly with both Hyperledger Besu and GoQuorum. Tessera comes written in the same Java language, with the same permissive Apache2 license, and with twice the engineering and community behind it. As part of this upgrade, Orion enters into a deprecation cycle across the next 6 months. Don’t worry about rushing to migrate—we’ll continue to actively support all users of Orion until 30th November 2021.
New Features for Hyperledger Besu Users
Tessera’s Hyperledger Besu integration gets us one step closer to full interoperability between GoQuorum and Besu, while adding several other nice-to-have features that all our users will appreciate:
- Tessera can be used with InfluxDB and Prometheus for metrics. This means you can use Grafana or your own custom dashboards.
- Tessera logs can be searched, analyzed and monitored using Splunk. Splunk can be set up in such a way that the logs for multiple Tessera nodes in a network are accessible from a single Splunk instance.
Tessera supports multiple keystore options in addition to standard filesystem keys
- Azure Key Vault key pairs
- HashiCorp Vault key pairs
- AWS Secrets Manager key pairs
The Tessera updates don’t affect GoQuorum users, and you can still use all the existing EEA privacy features on your GoQuorum networks.
I’m a Developer. What’s Next?
The latest releases of Hyperledger Besu and Tessera were made for each other. They’ve been extensively tested by our Quorum engineering team. Tessera is incorporated into all our Besu documentation including our neat Quorum developer quickstart. If you’re starting a new project with privacy, check it out!
The migration tool is now available for all existing users of Orion, documented and tested for migrating config and data to Tessera. Don’t forget to backup your Orion DB before attempting migration.
Last but not least: We want to hear from you! Please join us in the Quorum channels on Discord and at our community events to help us to continue to define our roadmap for privacy and the Quorum blockchain platform.